Saturday 21 November 2009

* Who do you trust with your data ?!

Well, by now anyone who has an interest in the alternative operating systems to Microsoft Windows will have read the numerous reports relating to the announcement made by Google concerning their development of the "Google Chrome OS".
It seems clear that their intention is to develop an OS that is based around Google services but more importantly where applications and data will be hosted in the "cloud".
Now lets be clear just what we're talking about here.

The operating system will essentially be your Google Chrome browser and little else. Any data you need to save will be held on Google's servers somewhere in the world. Would you be happy with this arrangement ?. I expect that when you first load up the new OS or very soon thereafter, you will be asked to tick a box agreeing to their terms before you can proceed further in setting up your account. This is the bit where you will sign your digital life away to an organisation you will have to place your total trust in.

Now anyone who has any sense these days will make backups of their computer data files of some sort, be it on external hardrive, CD, DVD or flashdrive. Those who don't may pay the consequences when their hardrive crashes or the trojans and viruses wreck their system.
So those that do take the necessary precautions of making backups and running antivirus/anti-malware programs can blame no-one but themselves if things go awry but in effect they have risk assessed their personal set-up and are happy the risk is both minimal and under their control.

However those that delegate all their personal data security to unknown persons and systems elsewhere on the planet are not able to make any reasonable risk assessment of these servers security nor do they exert any control over such risk.

So if we wish to move to the computing futureworld of Google Chrome OS we must put our total and absolute trust in the Google organisation. Just as I am doing right now as I post this on the Google Blogger site.
But there is a big difference in trusting a few chosen words of text to the "cloud" and that of trusting the "cloud" to hold our personal digital photos, personal finances, letters, videos, music, etc.

Now this might all be irrelevant if as is suggested the Chrome OS will be free and open source with the code available for developers to contribute changes to. I am sure that if this is the case then someone would soon enable users to save data locally. For now we will have to content ourselves with the snippets of information released by Google and their partners as the OS development progresses.

The development of a truly secure OS free from subversion by malware would be of inestimable benefit to society, particularly if it were based on free and open software. We have only to wait and see what the real cost to our personal data security might be.

4 comments:

  1. Hi Phil
    I think I side with you on the security and privacy aspect of all this. Like you said, ChromeOS is just to get more people to use even more Google products. Now this begs the question of, to what length should we trust our entire digital lives to an outside organization? None other than an advertising one?

    If anything is to go by, the recent spate of Google server blackouts should give people a cause for concern. It must be noted that Google ChromeOS is not going to be replacement of the current OS like Windows and Linux.

    What I think will happen, at least in the next five to ten years, is that ChromeOS will create a niche of its own that it will satisfy rather than nibble at the market share of either Windows or Linux.

    BTW, I think there is a reasonable secure OS free or subversion and malware as you put, and that OS is called Linux :-)

    ReplyDelete
  2. Hi Ghabuntu,
    Thanks for your comments which I agree with entirely.
    I see Carla Shroder has written one of her "editors notes" in Linux Today on the subject of Cloud computing. You may be interested in it here >
    http://www.linuxtoday.com/news_story.php3?ltsn=2009-11-21-001-35-OS-SV

    She touches on other issues such as speed of access which although important I didn't mention because for me security is paramount. Maybe in a decade we'll all wonder why we ever used hardrives in our PC's but for me now, i'll leave the beta testing of the cloud to others until there is a substantial record of safe and secure access.

    ReplyDelete
  3. If Chrome OS is free software, your question won't be answered but you will have a choice of who to trust with your digital life. It would not take much to make your own email server, for example, and point Chrome to that instead of Google. With freedom, you will not have to trust Google unless you want to because they offer a service you can't easily duplicate or you don't trust yourself to keep good backups or your ISP is run by idiots who forbid essential services. Network freedom is something that must be demanded along with software freedom for you to have the full benefit of either.

    Free software alone won't protect your privacy, however. Unless you use TOR and encrypt your email, you already trust your ISP with everything you do online. While most of them may not be as competent when it comes to keeping records as Google is, all of them have proved they are willing to sell you out to government and private interests.

    The nifty features of Chrome OS are size, performance and Google's back end reliability. I already hear excellent things about Droid from users I know. They say that Google took the time to make sure that everything works right. Chome OS is supposed to be about 300MB and deliver the things most of do with our computers thanks to their excellent services. Google has been providing gmail for years without loss of data and I doubt they will ever lose anything the way Danger did. For more than a decade, Google has created and improved the world's most reliable file system.

    ReplyDelete
  4. In response to Twitter,

    My only point is that the decision of trust is one that everyone has to take if they wish to use the "cloud" to store their valuable data. I've made my decision, whoever hosts the data. Having said that, I can't see my EVER not holding personal backups of my data as I do now. If an OS such as Chrome doesn't allow me to, I won't use it. If it does, I may, ......eventually.
    I never send financial or confidential data by email for as you say you never know who might get a hold of it. I also use an email client not webmail and configure it to delete messages from the server upon being downloaded. I back-up my email messages, received and sent, daily, to a separate hardrive. All of this is automated.

    There are certain organisations you have to trust if you want to use their on-line services, such as Banks. But you also have a personal duty to ensure the security of your PC (firewalls, antivirus, etc).
    Again all of this is a purely personal decision.

    ReplyDelete